- Le plus récent
- Le plus de votes
- La plupart des commentaires
Hello,
-
When you have both an organization trail and individual account trails logging the same events, you will incur charges for duplicate logs from each trail.
-
To avoid duplicate charges but ensure you don't lose any logs during the transition, I would recommend keeping both the "Stage" account trail and the new organization trail active for a short period, such as 1-2 days. This allows the organization trail time to start logging all accounts before removing the individual account trail.
-
After confirming the organization trail is logging successfully in all accounts for a day or two, you can then delete the "Stage" account trail. This ensures a smooth transition without gaps in your logs. Any duplicate charges from the brief period of both trails logging will be minimal.
-
The organization trail on its own will deliver a single copy of events across all accounts once the individual account trail is removed. So as long as only the organization trail remains after the transition period, you will not continue to be charged for duplicate logs going forward.
Let me know if you have any other questions!
Thanks
Abhinav
Cloudtrail is charged on a per account basis.
- So if you have an org enabled trail in ALL accounts this will not be charged.
- If you create a 2nd one called stage in one of the accounts, then you will be charged for the 2nd trail just in this account.
- If you delete the Stage from this account at a later date, then you will no longer incure charges.
You only really need a 2nd trail if you want to log to a different S3 bucket or to cloudwatch log groups in the local account where you have enabled a NON org trail. You will still be able to search the last 90 days from the Cloudtrail console still even if cloudtrail is not configured.
Contenus pertinents
- demandé il y a un an
- demandé il y a un an
- demandé il y a un an
AWS OFFICIELA mis à jour il y a un an- AWS OFFICIELA mis à jour il y a 2 ans
